Private data processing in a cloud-based environment
First Claim
1. A method for securing data on a semi-trusted server, the method implemented on a computing device and comprising:
receiving on said semi-trusted server at least a current session key from a user device for use during a current session between said user and said semi-trusted server, wherein said current session key is a symmetric key for use on both said semi-trusted server and said user device during at least said current session for both encrypting data and for decrypting data encrypted with said current session key and, wherein the receiving the current session key is via a cloud-based communications forwarding path from the user device to the semi-trusted server;
decrypting user encrypted communications received on said semi-trusted server from said user device during said current session with said current session key, wherein said received user encrypted communications were encrypted on said user device with said current session key;
generating server encrypted communications by encrypting communications for said user device with said current session key on said semi-trusted server;
sending said server encrypted communications to said user device to be decrypted with said current session key on said user device;
generating encrypted personal data by encrypting personal data generated during said current session with said current session key on said semi-trusted server;
storing said encrypted personal data as stored encrypted personal data on said semi-trusted server;
upon completion of said current session, limiting access to said stored encrypted personal data by removing said current session key from accessible memory of said semi-trusted server, wherein said removing comprises overwriting a memory location for said current session key with random data;
receiving said current session key from said user device during a later session, wherein said later session is subsequent to said current session; and
decrypting said encrypted personal data on said semi-trusted server during said later session with said current session key.
Abstract
In one embodiment, a method for securing data on a semi-trusted server is implemented on a computing device and includes: receiving at least a current session key from a user device for use during a current session, where the current session key is suitable for encrypting data and for decrypting data encrypted with the current session key, decrypting communications received from the user device during the session with said session key, encrypting with the session key at least one of communications to be sent to said user device and personal data generated during the session, storing the encrypted personal data, and discarding the current session key upon completion of the session, thereby limiting possible access to the stored encrypted personal data other than during the session. Related apparatus and methods are also described.
17 Claims
1. A method for securing data on a semi-trusted server, the method implemented on a computing device and comprising the steps set out in full above under First Claim.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method for controlling access to personal data stored on a semi-trusted server, the method implemented on a computing device and comprising:
sending a current session key associated with a current session from a client device to said semi-trusted server, wherein said current session key is a symmetric key for use during at least said current session on both said client device and semi-trusted server to encrypt and decrypt personal data associated with said client device, and wherein said semi-trusted server is configured to store encrypted personal data generated by encrypting said personal data with said current session key, wherein the sent from the client device current session key is via a cloud-based communications forwarding path from the client device to the semi-trusted server and, wherein upon completion of said current session, limiting access to said stored encrypted personal data by removing said current session key from accessible memory of said semi-trusted server, wherein said removing comprises overwriting a memory location for said current session key with random data;
generating user encrypted communications by encrypting communications for said semi-trusted server during said current session with said current session key;
sending said user encrypted communications to said server during said current session;
decrypting server encrypted communications received during said current session from said semi-trusted server with said current session key, wherein said received server encrypted communications were encrypted with said current session key;
facilitating decryption of said encrypted personal data during a later session by sending said current session key to said semi-trusted server, wherein said later session is subsequent to said current session;
sending a previous session key to said semi-trusted server, wherein said previous session key is a previously used current session key and is suitable for use by said semi-trusted server to decrypt said encrypted personal data from a previous session; and
receiving unencrypted personal data from said semi-trusted server, wherein said unencrypted personal data is derived from said previous session key and said encrypted personal data.
Dependent claims: 11, 12, 13, 14, 15
16. A system for securing data on a semi-trusted server comprising:
means for receiving on said semi-trusted server at least a current session key from a user device for use during a current session between said user and said semi-trusted server, wherein said current session key is a symmetric key used on both said semi-trusted server and said user device during at least said current session for both encrypting data and for decrypting data encrypted with said current session key and, wherein the receiving the current session key is via a cloud-based communications forwarding path from the user device to the semi-trusted server;
means for decrypting user encrypted communications received on said semi-trusted server from said user device during said current session with said current session key, wherein said received user encrypted communications were encrypted on said user device with said current session key;
means for generating server encrypted communications and encrypted personal data by encrypting communications for said user device and said personal data generated during said current session with said current session key on said semi-trusted server;
means for storing said encrypted personal data;
means for sending said server encrypted communications to said user device to be decrypted with said current session key on said user device;
means for limiting access to said stored encrypted personal data other than during said session by removing said current session key from accessible memory of said semi-trusted server upon completion of said current session, wherein said removing comprises overwriting a memory location for said current session key with random data;
means for receiving said current session key from said user device during a later session, wherein said later session is subsequent to said current session; and
means for decrypting said encrypted personal data on said semi-trusted server during said later session using said current session key.
Dependent claims: 17
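The session-key lifecycle described in the abstract and in claims 1, 10 and 16 (receive the key from the user device, encrypt traffic and the session's personal data under it, overwrite the key at session end, decrypt the stored data again only when the device re-sends the key), as an added Python illustration that is not part of the patent. The SemiTrustedServer class, the seal/unseal stand-in cipher and the sample request are assumptions made for this example.

```python
import hashlib
import hmac
import os

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Constructed stand-in for an AEAD cipher (use AES-GCM in real code):
    SHAKE-256 keystream XOR plaintext, authenticated with HMAC-SHA256."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(b"stream" + key + nonce).digest(len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong key or tampered data")
    stream = hashlib.shake_256(b"stream" + key + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

class SemiTrustedServer:
    """Holds the user's session key only while a session is open; stored personal
    data is readable again only once the user device sends the key back."""
    def __init__(self):
        self._key = None    # bytearray, so it can be overwritten in place
        self.stored = []    # encrypted personal data, kept across sessions
    def begin_session(self, session_key: bytes) -> None:
        self._key = bytearray(session_key)   # key received from the user device
    def handle(self, user_encrypted: bytes) -> bytes:
        key = bytes(self._key)
        request = unseal(key, user_encrypted)
        self.stored.append(seal(key, b"record:" + request))  # personal data, encrypted
        return seal(key, b"ack:" + request)                   # server-encrypted reply
    def end_session(self) -> None:
        # The claimed removal step: overwrite the key's memory with random data.
        # Best effort in a garbage-collected language; the bytes() copies above
        # are not scrubbed, which is why zeroization is normally done in native code.
        self._key[:] = os.urandom(len(self._key))
        self._key = None
    def read_stored(self, session_key: bytes) -> list:
        return [unseal(session_key, blob) for blob in self.stored]

def run_scenario() -> dict:
    """One session, key discarded, then a later session with the same key."""
    server, session_key = SemiTrustedServer(), os.urandom(32)
    server.begin_session(session_key)
    reply = unseal(session_key, server.handle(seal(session_key, b"update-address")))
    server.end_session()
    later = server.read_stored(session_key)   # user device re-sends the key
    return {"reply": reply, "later": later, "key_held": server._key is not None}
```

Between sessions the server holds only ciphertext, so an operator or intruder reading the stored blobs without the user's key learns nothing, which is the access limitation the claims describe.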